[GitHub] [flink] zentol commented on a change in pull request #12682: [FLINK-18320][hive] Fix NOTICE and license files for flink-sql-connec…

Thu, 18 Jun 2020 02:42:05 -0700 


zentol commented on a change in pull request #12682:
URL: https://github.com/apache/flink/pull/12682#discussion_r442101556



##########
File path: 
flink-connectors/flink-sql-connector-hive-1.2.2/src/main/resources/META-INF/NOTICE
##########
@@ -8,6 +8,41 @@ This project bundles the following dependencies under the 
Apache Software Licens
 
 - org.apache.hive:hive-exec:1.2.2
 - org.apache.hive:hive-metastore:1.2.2
+- org.apache.hive:hive-common:1.2.2
+- org.apache.hive:hive-serde:1.2.2
+- org.apache.hive.shims:hive-shims-0.20S:1.2.2
+- org.apache.hive.shims:hive-shims-0.23:1.2.2
+- org.apache.hive.shims:hive-shims-common:1.2.2
+- org.apache.hive:spark-client:1.2.2
+- com.twitter:parquet-hadoop-bundle:1.6.0
+- org.apache.thrift:libthrift:0.9.2
 - org.apache.thrift:libfb303:0.9.2
 - org.apache.orc:orc-core:1.4.3
 - io.airlift:aircompressor:0.8
+- commons-lang:commons-lang:2.6
+- org.apache.commons:commons-lang3:3.1
+- org.apache.avro:avro:1.7.5
+- org.apache.avro:avro-mapred:1.7.5
+- com.googlecode.javaewah:JavaEWAH:0.3.2
+- org.iq80.snappy:snappy:0.2
+- org.codehaus.jackson:jackson-core-asl:1.9.2
+- org.codehaus.jackson:jackson-mapper-asl:1.9.2
+- com.google.guava:guava:14.0.1
+- net.sf.opencsv:opencsv:2.3
+- joda-time:joda-time:2.5
+- org.objenesis:objenesis:1.2
+
+This project bundles the following dependencies under the BSD license.
+See bundled license files for details.
+
+- com.esotericsoftware.kryo:kryo:2.22
+- org.jodd:jodd-core:3.5.2
+- javolution:javolution:5.5.1
+- com.google.protobuf:protobuf-java:2.5.0
+- com.esotericsoftware.minlog:minlog:1.2
+- com.esotericsoftware.reflectasm:reflectasm:1.07
+
+This project bundles the following dependencies under the JSON license.

Review comment:
       @JingsongLi It is good to know that json is not necessarily required, 
but I'm not sure if it changes anything.
   We'd be moving on _very_ thin ice by arguing "you can use this component, 
that we released, with hive 1.2, which is overall category-x because it 
includes json.org:json, but it's fine because it's not used in any code-path 
that we call into."
   I have not seen such a distinction being made, hence why I'm cautious about 
it.
   There's also the question how exactly it was verified that in _all_ 
code-paths we use we do not call into json.org:json, or how to ensure that this 
does not happen in the future.




----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to